Securing the Edge: Why Being Cyber Resilient Is Crucial for Any Successful Edge Computing Journey

Edge computing is an area that is rapidly growing, driven by the explosion of data generated at the edge, as well as the proliferation of edge data centers, edge gateways, and Internet of Things (IoT) devices. This fast growth brings the complexity of securing the edge environment. Edge computing involves many different components that need to be secured, including areas such as devices, data, networks, and software applications. Failure to have a strong security posture in all of these areas can lead to significant and long-term losses for businesses.

Optus, an Australian telecommunications service provider, was a victim of a cyberattack that resulted in stolen data on 10 million customers. The breach occurred because of an unprotected and publicly exposed Application Programming Interface (API). Rackspace Technology, an American cloud computing provider, suffered a ransomware attack, with hackers able to access customer data and forcing Rackspace to shut down its hosted Exchange email environment.

As technology advances and more business look toward shifting to a distributed computing environment, new types of cyberattacks using advanced technology, such as Artificial Intelligence (AI) and Machine Learning (ML) are likely to happen. The proliferation of IoT devices being deployed in the field, if not secured correctly, could lead to many sophisticated attacks by external hackers.

The state of security maturity in edge computing will always be a work in progress, simply because this area is a constantly evolving market with new technology and innovation being introduced continuously. ABI Research believes there is a growing awareness of security risks in deploying edge computing solutions, and businesses look at several different types of security methods and frameworks when embarking on an edge computing journey.

Often, a large number of edge IoT devices are used in edge computing solutions. This also means that these devices form the starting point in building hardware Root of Trust (RoT) that can be used to secure the edge platform. Integrating a strong security posture starts at the processor level with security Intellectual Property (IP) blocks hosted on these IoT devices. For example, silicon IP producer Arm provides embedded security for Systems-on-Chip (SoCs) through its CryptoCell-700 family, while Intel’s built-in foundational security called Intel Security Essentials is available across all Intel processor lines, enabling security developers to protect and build applications in a secure environment.

Besides securing the core processor hardware, there are several ways that businesses can look into securing edge networks, including:

• Confidential Computing: A relatively new approach, confidential computing is a way of protecting data in use, preventing external threats from viewing or altering the processing of data. NVIDIA introduced its NVIDIA Confidential Computing deployed on the new H100 Tensor Core Graphics Processing Units (GPUs) in its NVIDIA Hopper architecture, preserving the confidentiality and integrity of AI models. An industry that will benefit from this is healthcare, with multi-party collaboration on fraud detection, medical imaging, and drug development demanding extreme confidentiality and integrity of data sources.
• Secure Access Service Edge (SASE): SASE is a networking and security architecture that combines Wide Area Networks (WANs) with network security functions, such as zero trust, firewalls, security gateways, etc. SASE helps ensure that edge platforms deployed at the edge pass compliance checks before joining the network, so only those authorized with the latest security updates and patches can reside in the system. This is especially useful for industries with many remote locations where individual checks are not feasible.
• Zero Trust: Zero trust is a set of principles that provide security controls for a business’ infrastructure, including Operational Technology (OT), Information Technology (IT) systems, Internet of Things (IoT) devices, etc. With the proliferation of IoT devices, zero trust reduces the reliance on perimeter-based protection, such as firewalls, and enforces identity-based rules that govern access to data, applications, and other devices.

The edge computing market can be a complex and fragmented ecosystem. Not all edge solutions providers have the capability to provide a trusted edge security solution. However, articulating the importance of building and starting with a strong security posture at the beginning of the edge journey will be crucial in developing a long-lasting relationship with customers. Below are some areas where edge solutions providers can look to bring greater value to the edge computing market:

• Security Integration Out of the Box: Ensure that all edge solutions are shipped with basic security functions, such as identity and access management, data loss protection, etc., by default. Equally critical is security compatibility with other components within the edge ecosystem. This could mean making sure Intel’s Central Processing Unit (CPU) security framework works well with the IoT device and the IoT device connects to the network security platform, ensuring multiple layers of security protection.
• Having Different Edge Solutions for Different Industries: Edge deployments are becoming more and more complex, and it is no longer feasible to have a one-size-fits-all edge computing platform. Cybersecurity requirements for a retail chain can be very different compared to a heavy machinery manufacturer. Edge computing providers should explore collaboration with industry associations within a specific vertical to better understand the challenges and needs of the industry, especially in terms of security governance, risk, and compliance.
• Strategic Technology Partnerships: Not everyone can incorporate an end-to-end edge solution with a compelling go-to-market strategy. Strategic collaboration will be key. For example, Microsoft and NVIDIA worked together to enable NVIDIA GPUs to be part of the Azure confidential computing ecosystem. VMware is working with Lumen Technologies to embed security intelligence, automatic threat detection, and proactive response models directly into the Lumen Edge Private Cloud platform.

Edge computing providers are racing to grab a piece of the pie, but must remember that a unique value proposition coupled with a strong security focus will be crucial in guaranteeing success in this space. Applying confidential computing, SASE, zero trust, etc. together with an edge solution does not guarantee a successful product. Edge providers should look at the strengths and weaknesses of their edge solutions and figure out what would make the most sense for their customers, as well as for the business. Building with a strong security foundation in mind will be key to ensuring longevity and success in this market.